Riverside, Ohio, Just the Latest in a Spate of Government-Focused Ransomware Attacks

While federal authorities focus their attention on several attacks on the Ohio town, a number of other high-profile attacks have made headlines in recent months.

by Will Garbe, Parker Perry, Dayton Daily News
/
May 14, 2018

Shutterstock

(TNS) — Riverside, Ohio, is the latest government facing an apparent ransomware attack.

For years, the FBI has warned that the use of ransomware — malicious software that threatens to block access to data or to publish it unless the infected organization pays a ransom — is a fast-growing criminal enterprise.

Organizations often don’t learn they have been infected until they can’t access their data or until computer messages appear demanding a ransom payment in exchange for a decryption key, according to the FBI’s website.

Carpenter said the term “ransomware” was used to describe the attacks. The term implies that a third-party held, or is holding, the city’s data hostage in exchange for a ransom, often paid in bitcoin or other cryptocurrency.

The Secret Service is tasked with defending U.S. financial institutions from cyberattacks. Because of the agency’s experience, the Secret Service often assists other entities facing similar attacks.

“As a matter of policy, the Secret Service does not discuss active criminal investigations,” said Kevin Dye, resident agent-in-charge for the U.S. Secret Service in Dayton.

Riverside officials have not determined what exactly happened during the attacks, Carpenter said. City officials plan to meet May 15 with the city’s third-party information technology company to discuss the problem.

ATLANTA — MARCH 2018

Atlanta’s municipal government faced a ransomware attack in March. An attacker demanded a $50,000 ransom to restore the city’s systems.

City officials urged employees to check their bank accounts to make sure their financial information had not been accessed and said that anyone who had conducted transactions with the city could be at risk.

MAD RIVER TWP., CLARK COUNTY, OHIO — AUGUST 2017

Chief Elmer Beard said the virus was found in August and the department has tried to work out solutions to get the information unencrypted. The hackers demanded payment for the information in Bitcoin, which translates to thousands of dollars he said.

“This data does contain personal identifiable information,” Beard said in a press release.

The data impacted is from information collected by officials when residents used EMS or fire services, Beard said.

It does not appear information was stolen, he said, instead the hackers encrypted the data so no one can read it. The department elected not to pay the ransom because they were unsure if they would actually get the information back, Beard said.